Recent statistics from Kaspersky showed the Philippines (4,559,288) ranked fifth among countries in Southeast Asia with the most phishing attacks in 2022. Based on the list released by the cybersecurity and digital privacy company, the most targeted in the region were Vietnam (17,847,857), Malaysia (8,267,013), Thailand (6,283,745) and Indonesia (4,931,367). 

In 2022, global phishing attacks frequently targeted users of delivery services, making up 27.38% of all attempts blocked by Kaspersky solutions. Scammers use emails under the guise of well-known delivery companies claiming issues with shipments. Each email will have a link to a fake website asking for personal information or financial details. Should a victim fall for the scam, their identity and banking data could end up being sold to websites on the dark web and they could lose it for good.  

Philippines 5th in SEA with most phishing incidents in 2022
Phishing attacks: frequently targeted users globally

Online stores (15.56%), which were popular with attackers during the pandemic, were the second most targeted of phishing attacks while payment systems (10.39%) and banks (10.39%) both tied for third place.

The rating of organizations targeted by phishers is based on the triggering of the deterministic component in the Anti-Phishing system on user computers. The component detects all pages with phishing content that the user has tried to open by following a link in an email message or on the web, as long as links to these pages are present in the Kaspersky database.

In 2022, a total of 43,445,502 phishing attempts that targeted the devices of Kaspersky’s individual and enterprise users in the region were prevented by Kaspersky’s Anti-Phishing system to follow phishing links.

A recent report from one of Southeast Asia’s superapp that provides deliveries and mobility services in the Philippines revealed that seven in 10 consumers say that delivery is now a permanent part of life. The convenience and immediacy of this service are the top reasons for consumers. According to the same report, delivery platforms in the Philippines have even turned into search engines for food and merchant discoveries among users. 

The food delivery platform’s gross merchandise value in Southeast Asia was noted to have reached a 5% year-on-year increase or an equivalent of US$16.3 billion, primarily driven by a few small markets in the region including the Philippines. 

“When it comes to scamming people online, phishing remains to be the tried and tested modus operandi of cybercriminals due to its cost-effectiveness and profitability. A malicious mail with a phishing link that leads to a phishing page lays the foundation for an attack that will eventually result in identity theft, financial loss and damage to reputation for both individuals and businesses. Protecting corporate and personal data is an urgent necessity for everyone in the Philippines and in the region,” says Adrian Hia, Managing Director for Asia Pacific at Kaspersky.

In Kaspersky’s previous studies, the average cost of data breach for small and medium businesses (SMBs) from 2017-2021 is at $104,400 (or P5.8 million in today’s forex). The highest recorded financial impact was $120,000 in 2018 which went down to $108,000 and $101,000 in 2019 and 2020, respectively, during the pandemic. It has gone up slightly to $105,000 in 2021. 

Recent data from the Cybercrime Investigation and Coordinating Center (CICC) revealed at least 73% of consumer data from micro, in the country are lost to cybercriminals. 

“Recently, we’ve seen an increase in targeted phishing attacks where scammers don’t immediately move on to the phishing attack itself, but only after several introductory emails where there is active correspondence with the victim. Our experts predict that this trend is likely to continue. New tricks are also likely to emerge in the corporate sector in 2023, with attacks generating significant profits for attackers,” adds Hia.

To make sure that you don’t become a phishing attack victim, here are some precautionary steps you should always take to avoid phishing.

  • Learn to recognize phishing attacks: make sure you are familiar with what all types of phishing attacks look like. When you receive them, delete them immediately.
  • Report phishing attacks: Once you have avoided a phishing attack, report the attack. This will allow companies to step up security and ensure they’re keeping customer accounts safe.
  • Get antivirus and anti-phishing software: Most digital security companies have software that has anti-phishing components built-in. Many will allow you to filter out phishing messages as spam, so you don’t even see them. Make sure you are using an antivirus program that would also remove any virus on your computer and that would help heal any damage done if any bad actors had installed malware on your devices.

Liked this post? Follow SwirlingOverCoffee on Facebook, YouTube, and Instagram.